Russian-linked hackers have launched a cyber-espionage campaign targeting government and research institutions in Tajikistan using phishing emails with government-themed lure documents. This campaign marks a shift in tactics for the threat group TAG-110, associated with APT28, as they move away from malware to macro-enabled Word templates. #TAG110 #APT28 #CyberEspionage
Keypoints
- The attack targets government, academic, and research institutions in Tajikistan.
- Researchers linked the campaign to the Russian military intelligence-backed group TAG-110.
- Phishing emails used decoy files related to Tajikistanβs armed forces and elections.
- Attackers shifted from Hatvibe malware to macro-enabled Word templates for infection.
- The campaign is part of Russiaβs broader effort to maintain influence in Central Asia amid regional tensions.
Read More: https://therecord.media/russia-hackers-target-tajikistan-espionage